
CompTIA Security+ Certification Guide by Ian Neil


Five minute practical

Open up the command prompt on your computer, and type netstat -an. You should now see the listening and established ports; count them, and write the numbers down. Run the command shutdown /r /t 0 to immediately reboot the machine. Log back in, go to the command prompt, and run netstat -an; what is the difference? You will see that you have lost information that could have been used as evidence:

Volatile evidence summary

Web-based attack: Capture network traffic
Computer attack: CPU cache then RAM
Removable drive: Volatile memory using RAM
Command line: netstat -an
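The before-and-after comparison from the practical above, as an added example that is not from the book: it parses two saved netstat -an listings, counts the listening and established entries, and reports which entries are gone after the reboot. The sample listings, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of Windows "netstat -an" output captured before the reboot.
BEFORE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED
  TCP    192.168.1.20:49730     198.51.100.9:8443      ESTABLISHED
  UDP    0.0.0.0:5353           *:*
"""

# Constructed sample captured after "shutdown /r /t 0" and logging back in.
AFTER = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  UDP    0.0.0.0:5353           *:*
"""

# Proto, local address, foreign address, optional state (UDP rows have none).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")

def parse(text):
    """Return the listing as a set of (proto, local, remote, state) tuples."""
    rows = set()
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # banner and column-header lines do not match and are skipped
            proto, local, remote, state = m.groups()
            rows.add((proto, local, remote, state or "-"))
    return rows

def count_states(rows):
    """Count entries per state, e.g. LISTENING and ESTABLISHED."""
    return Counter(state for _, _, _, state in rows)

def lost_after_reboot(before, after):
    """Entries present before the reboot that no longer exist afterwards."""
    return sorted(parse(before) - parse(after))

if __name__ == "__main__":
    print("before:", dict(count_states(parse(BEFORE))))
    print("after: ", dict(count_states(parse(AFTER))))
    for row in lost_after_reboot(BEFORE, AFTER):
        print("lost:  ", *row)
```

On a real machine, redirect the output of netstat -an to a file before any reboot and pass the file contents to parse(); the established connections are the entries that exist only in the first capture.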

Exam tip: Capturing the network traffic is the first step in remote or web-based attacks so that you can identify the source.
  • Chain ...
